Threat Intelligence and #URINT Analyst |
See my Linktree for other socials |
In case I post false intel, contact me!
Support me: https://t.co/5WgDqr0K8p
Some more information on the #Nginx#0day by @_Blue_hornet as shared via DM and published here with permission:
Mar 4, 2022 • 8 tweets • 6 min read
The #ContiLeaks contained some messages consisting of IP:Username:pass combinations for #Conti infrastructure.
This allows us to connect certain #Trickbot activcity with the #Conti group:
1/x
The IP's in the image are the following:
117.252.69[.]134
117.252.68[.]15
116.206.153[.]212
103.78.13[.]150
103.47.170[.]131
103.47.170[.]130
118.91.190[.]42
117.197.41[.]36
117.222.63[.]77
117.252.69[.]210
2/x